More than GDPR compliance…
The boom in process digitalization, big data and the IoT has spurred an exponential increase in data production. The volume of data worldwide has risen to 15 zettabytes and personal data represents a growing share of that total.
The European Union established the General Data Protection Regulation (GDPR) to protect and safeguard its citizens’ personal data. Organizations are now responsible for ensuring that data is used in a reasonable, transparent way, that it is securely stored and that users have easy access to their data along with the ability to review, modify or delete personal information.
Our mission has always been to protect people, along with their goods and their data, by securing their identity and access while enabling the easy, secure supervision of industrial processes and the flow of resources and assets. For more than 20 years, our development policy has been based on open technology and public-key cryptography standards, ensuring that all of our products and solutions comply with current GDPR requirements in complete transparency.
Welcome to High Security
As a forerunner in the field of high-level security – STid was the first manufacturer to receive top-level security certification* from France’s National Cybersecurity Agency (ANSSI) – we were a recognized leader in data protection long before the introduction of the GDPR:
*Certified reader: LXSW33EPH57AD1 – ANSSI-CSPN-2013/03 certificate dated March 19, 2013.
Certifications by independent bodies
We’re the first manufacturer to receive ANSSI’s top-level security certification (CSPN), and we offer solutions that comply with ANSSI’s leading architecture. We are audited regularly by independent certification bodies, such as Phonesec or Cogiceo, which verify the security and protection level of our solutions.
Our data and those of our customers are hosted on two hosting services that set the standard when it comes to security. We require that they meet the most stringent standards on the market:
HADs and PCI-DSS certifications, SOC 1 TYPE II / SOC 2 TYPE II attestations and ISO 27001 / 27002 / 27005 standards – Security of hosting, access and processing data and information
Anti-DDoS protection – Data access security and durability
STAR self-assessment - Cloud Security Alliance - Cloud computing environment security
VMware certification and OpenStack Powered – Cloud architecture security certifications from virtualization and cloud computing market leaders
APSAD certification – Data hosting areas and facilities protection
Three data storage methods, one level of compliance
Our customers can choose to have their data hosted in one of three ways:
on their own servers*,
online on the secure servers operated by our partner hosting services.
As a result, our integrator customers can meet the security policies of even the most demanding organizations while ensuring the very highest level of data protection.
*If the data is hosted on our customers’ local servers or by their own hosting companies, we guarantee the integrity of our security exclusively across the communications chain for which we are responsible.
Why is it important for companies to comply with the GDPR?
Companies are collecting and processing personal data on an increasingly massive scale. Numerous cases of harmful disclosure have made headlines worldwide, with serious adverse consequences for those involved. It is important for all of us to be able to manage our data security and be assured that our data is protected. The European Union adopted the GDPR for just that purpose. Companies that fail to comply with its provisions can pay a heavy price, including fines of up to 4% of their annual global revenue.